If we look at the source code, it is easy to see that for an incoming unauthenticated user, the ExceptionTranslationFilter's sendStartAuthentication(...) method will preserve the original request (+/-)

ExceptionTranslationFilter will save the original URL in a RequestCache before the user is sent/redirected to the appropriate location for authentication to happen.

When the user has successful authenticated ... the Filter which extends AbstractAuthenticationProcessingFilter will be able to leverage this parent's already existing successfulAuthentication() method.

The method will further call upon SavedRequestAwareAuthenticationSuccessHandler's onAuthenticationSuccess() to pull out the original URL from the cache where the user should now be redirected for a happy ending.

Here are the odd mistakes that one might make that will cause this well-oiled mechanism to breakdown:

You have a Filter that redirects the user somehow before ExceptionTranslationFilter ever gets the chance to store the original URL in the HttpSessionRequestCache.

Your Filter, neither extends AbstractAuthenticationProcessingFilter ... nor does it call a AuthenticationSuccessHandler like SavedRequestAwareAuthenticationSuccessHandler for doing this work explicitly.